Threat Explorer

The Threat Explorer is a comprehensive resource consumers can turn to for daily, accurate, up-to-date information on the latest threats, risks and vulnerabilities.

Ng.695

Ng.695

Discovered:
16 November 2004
Updated:
02 May 2018
Systems Affected:
DOS, Windows
Ng.695 is a DOS virus that infects .COM files. When executed, infected files will return the string "Bad command or file name".

Antivirus Protection Dates

  • Initial Rapid Release version 16 November 2004
  • Latest Rapid Release version 28 September 2010 revision 054
  • Initial Daily Certified version 16 November 2004
  • Latest Daily Certified version 28 September 2010 revision 036
  • Initial Weekly Certified release date 17 November 2004
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Ng.695 is a DOS virus that infects .COM files.

The virus makes itself memory resident by hooking interrupts 13h, 24h and 28h.

The virus searches for and infects one .COM file from the file system every 5th time that a sector is written to the hard disk.

The virus does not infect files with the following characteristics:
Files that do not have a .COM extension
Files with names beginning with "CO" of "SO"
Files whose first character is "M"
Files whose fourth character is "m"

When executed, infected files will return the string "Bad command or file name".